Across
- 1. This practice is a means of evaluating security using hacker tools and techniques with the aim of discovering vulnerabilities and evaluating security flaws.
- 6. __________ and access management is a framework of policies and technologies used to ensure that the right users have the appropriate access to technology resources.
- 9. Memorized secret consisting of a sequence of words or other text that a person uses to authenticate their identity and would be difficult for someone else to guess.
- 11. Type of social engineering where scammers send text messages pretending to be from reputable companies to entice individuals to reveal personal information, such as passwords or credit card numbers.
- 12. A virtual _______ _______ is an encrypted connection over the Internet from a device to a network.
- 13. A term for additional or alternative systems, sub-systems, assets, or processes that maintain a degree of overall functionality in case of loss or failure of another system, sub-system, asset, or process.
- 14. A term for hackers that break into the network to steal information that would be used to harm the owner or the users without their consent and is completely illegal.
- 16. An acronym for a centralized function/team at Lowe’s allowing people, processes, and technology to continuously monitor and improve the security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents.
- 18. Shoulder ________ is a criminal practice using direct observation techniques, such as looking over someone's shoulder, to try to steal someone’s personal information.
- 20. The ability to adapt to changing conditions and prepare for, withstand, and rapidly recover from disruption.
Down
- 2. ____ ______ authentication is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are such as something they have (e.g., bank card), something they know (e.g., PIN number) and/or something they are (e.g., biometrics).
- 3. A security violation where sensitive, protected, or confidential data is copied, viewed, stolen, or used by an unauthorized individual, and can cause great financial loss and other repercussions.
- 4. Software that is secretly installed into an information system without the knowledge of the system user or owner.
- 5. This aims to reduce the risk of cyber-attacks and protect against the unauthorized exploitation of systems, networks, and technologies.
- 7. A malicious application or script that can be used to take advantage of a computer’s vulnerability.
- 8. A type of malicious code or software that looks legitimate but can take control of your computer and is designed to damage, disrupt, steal, or (in general) inflict some other harmful action on your data or network.
- 10. __________ __________ baselines are standards for all systems in the network and enable Lowe’s to implement systems in an efficient and standardized manner.
- 15. An unauthorized user who attempts to or gains access to an information system.
- 17. Highly targeted phishing attack aimed at senior executives masquerading as a legitimate email.
- 19. Refrain from inserting unknown or unidentifiable ___________ ______ into your Lowe’s devices unless you are an approved user.